Export limit exceeded: 345221 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345221 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0116 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag. | ||||
| CVE-1999-0653 | 2026-04-16 | N/A | ||
| A component service related to NIS+ is running. | ||||
| CVE-1999-0168 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions. | ||||
| CVE-1999-0654 | 2026-04-16 | N/A | ||
| The OS/2 or POSIX subsystem in NT is enabled. | ||||
| CVE-2000-0117 | 1 Sun | 3 Cobalt Raq, Cobalt Raq 2, Cobalt Raq 3i | 2026-04-16 | N/A |
| The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site administrators, and possibly admin (root). | ||||
| CVE-2000-0818 | 1 Oracle | 1 Listener | 2026-04-16 | N/A |
| The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands. | ||||
| CVE-2001-0330 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| Bugzilla 2.10 allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the globals.pl file, which is normally returned by the web server without being executed. | ||||
| CVE-1999-0438 | 1 Ramp Networks | 2 Webramp 200i, Webramp M3 | 2026-04-16 | N/A |
| Remote attackers can perform a denial of service in WebRamp systems by sending a malicious UDP packet to port 5353, changing its IP address. | ||||
| CVE-2001-0037 | 1 Keware Technologies | 1 Homeseer | 2026-04-16 | N/A |
| Directory traversal vulnerability in HomeSeer before 1.4.29 allows remote attackers to read arbitrary files via a URL containing .. (dot dot) specifiers. | ||||
| CVE-2001-0207 | 1 Pierre Beyssac | 1 Bing | 2026-04-16 | N/A |
| Buffer overflow in bing allows remote attackers to execute arbitrary commands via a long hostname, which is copied to a small buffer after a reverse DNS lookup using the gethostbyaddr function. | ||||
| CVE-2006-3613 | 1 Chamberland Technology | 1 Ezwaiter Online | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Chamberland Technology ezWaiter 3.0 Online and possibly Enterprise Software (aka enterprise edition) allow remote attackers to inject arbitrary web script or HTML via the (1) itemfor (aka "Who is this item for?") and (2) special (aka "Special Instructions") parameters to item.php, which is accessed from showorder.php, or (3) unspecified parameters to the login form at login.php. | ||||
| CVE-2006-3614 | 1 Orbitcoders | 1 Orbitmatrix | 2026-04-16 | N/A |
| index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to trigger a SQL error via the page_name parameter, possibly due to a SQL injection vulnerability. | ||||
| CVE-1999-0656 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names. | ||||
| CVE-2000-0119 | 2 Mcafee, Symantec | 2 Virusscan, Norton Antivirus | 2026-04-16 | N/A |
| The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection. | ||||
| CVE-2006-3615 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Phorum 5.1.14, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via unspecified vectors related to an uninitialized variable. | ||||
| CVE-1999-0657 | 2026-04-16 | N/A | ||
| WinGate is being used. | ||||
| CVE-2000-0137 | 1 Cartit | 1 Cartit | 2026-04-16 | N/A |
| The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | ||||
| CVE-1999-0444 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2026-04-16 | N/A |
| Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files. | ||||
| CVE-2001-0040 | 1 Apc | 1 Apcupsd | 2026-04-16 | N/A |
| APC UPS daemon, apcupsd, saves its process ID in a world-writable file, which allows local users to kill an arbitrary process by specifying the target process ID in the apcupsd.pid file. | ||||
| CVE-2006-3618 | 1 Pixelated By Lev | 1 Pixelated By Lev Guestbook | 2026-04-16 | N/A |
| SQL injection vulnerability in pblguestbook.php in Pixelated By Lev (PBL) Guestbook 1.32 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) website, (4) comments, (5) rate, and (6) private parameters. | ||||